Group 1 - The "Regulations on Administrative Penalties by Cybersecurity Departments" will be implemented in August, aiming to standardize administrative penalties [1] - The "Regulations on Government Data Sharing" will take effect on August 1, focusing on the integration of a unified national government big data system, enhancing data security, and establishing a dispute resolution mechanism for data sharing [3] - The new version of the "Classification and Catalog of Occupational Diseases" will also be implemented on August 1, expanding from 10 categories and 132 types of occupational diseases to 12 categories and 135 types, including new categories for musculoskeletal diseases and mental disorders [3] Group 2 - The "Anti-Money Laundering and Counter-Terrorism Financing Management Measures for Precious Metals and Gemstone Practitioners" will require reporting of cash transactions exceeding 100,000 RMB or equivalent foreign currency starting August 1 [4] - Financial institutions must report cybersecurity incidents to the People's Bank of China according to the new "Management Measures for Reporting Cybersecurity Incidents in the Banking Sector," effective August 1 [4]

Core Points - The People's Bank of China (PBOC) has established a management approach for reporting cybersecurity incidents within its business domain [1] - The reporting requirements apply to incidents caused by human factors, cyberattacks, vulnerabilities, hardware and software defects, or force majeure that harm the PBOC's business networks or data [1] - Non-PBOC business domain cybersecurity incidents do not need to be reported under this new regulation [1] Summary by Categories - **Scope of Application** - The management approach is applicable to incidents affecting the PBOC's business areas, which include monetary credit, macro-prudential oversight, cross-border RMB transactions, interbank markets, comprehensive financial statistics, payment and settlement, RMB issuance and circulation, treasury management, credit reporting and rating, and anti-money laundering [1] - **Reporting Requirements** - Financial institutions must report incidents to the PBOC or its local branches as per the new guidelines [1] - Incidents involving state secrets must be handled according to relevant regulations [1]

Core Points - The People's Bank of China (PBOC) has released the "Management Measures for Reporting Cybersecurity Incidents in the Business Areas of the People's Bank of China" [1] - The measures consist of five chapters and thirty-three articles, outlining the framework for cybersecurity incident management [1] Group 1 - Chapter One specifies the basis for the measures, applicable scope, reporting and communication mechanisms with other departments, and social supervision mechanisms [1] - Chapter Two establishes a grading system for cybersecurity incidents, defining standards for particularly major, major, relatively large, and general incidents [1] - Chapter Three details the reporting process, content, timeliness, and methods for cybersecurity incidents [1] Group 2 - Chapter Four outlines the supervisory and management responsibilities of the PBOC and its branches, as well as penalties for financial institutions that violate regulations [1] - Chapter Five provides definitions of terms, interpretation rights, and the effective date of the measures [1]

Core Points - The People's Bank of China (PBOC) has issued the "Management Measures for Reporting Cybersecurity Incidents in the Business Areas of the People's Bank of China" to standardize the reporting of cybersecurity incidents related to its business areas [1] - The new measures will guide and urge financial institutions to report cybersecurity incidents in accordance with laws and regulations [1] - The measures will take effect on August 1, 2025 [1] Summary by Categories - **Regulatory Framework** - The PBOC aims to enhance the regulatory framework for reporting cybersecurity incidents in various business areas including monetary credit, macro-prudential oversight, cross-border RMB transactions, interbank markets, and anti-money laundering [1] - **Implementation Timeline** - The new reporting measures will be implemented starting from August 1, 2025 [1] - **Scope of Application** - The measures cover a wide range of areas such as payment clearing, RMB issuance and circulation, treasury management, credit reporting, and credit rating [1]